Approver - Approve Transaction
The approver is responsible for verifying a transaction proposed by a proposer.
Requirements
-
Linux Workstation (online machine)
- Any internet connected computer with a Linux shell will suffice
-
-
The approver should print photographic evidence from digital cameras which is stored in a PGP signed repository. The photographs should be of the top and underside of the vacuum sealed object.
-
The approver should verify the commit signatures of the photographs they are printing against a list of permitted PGP keys found in the
vaultsrepo
-
-
Clone the Vaults Repository for your organization to the machine
Procedure
-
Turn on online linux workstation
-
Pull the latest changes from the
vaultsrepository -
Unseal the SD Card Pack
a. Retrieve digital/physical photographs of both sides of sealed bundle
b. Compare all photographs to object for differences
c. Proceed with unsealing the object if no differences are detected
-
Plug a fresh SD card into the online linux workstation
-
Save the
vaultsrepository to the SD card, referred to as the Ceremony SD card -
Unplug the Ceremony SD card
-
Unseal the tamper proofed bundle
a. Retrieve digital/physical photographs of both sides of sealed bundle
b. Compare all photographs to object for differences
c. Proceed with unsealing the object if no differences are detected
-
Insert the AirgapOS SD card into the airgapped machine and turn it on
-
Once booted, unplug the AirgapOS SD card
-
Plug in the Ceremony SD card
-
Look for your SD card device name (
<device_name>) in the output of thelsblkcommand. It will typically be listed as/dev/sdXor/dev/mmcblk<num>, where X is a letter (e.g.,/dev/sdb,/dev/sdc). You can identify it by its size or by checking if it has a partition (like/dev/sdX1)- Mount the device using:
sudo mount /dev/<your_device> /media
- Mount the device using:
-
Copy the git repo locally from the Ceremony SD card and change into it
$ cp -r /media/vaults /root/vaults $ cd /root/vaults -
Plug in the Operator smart card
-
Verify the existing signatures and add your own signature:
icepick workflow --add-signature-to-quorum <namespace>/ceremonies/<date>/payload_<num>.json --shardfile <shardfile>.asc
-
Look for your SD card device name (
<device_name>) in the output of thelsblkcommand. It will typically be listed as/dev/sdXor/dev/mmcblk<num>, where X is a letter (e.g.,/dev/sdb,/dev/sdc). You can identify it by its size or by checking if it has a partition (like/dev/sdX1)- Mount the device using:
sudo mount /dev/<your_device> /media
- Mount the device using:
-
Copy the updated vaults repo to the SD card
cp -r /root/vaults /media
-
Unplug the SD card from the air-gapped machine
-
Plug in the SD card into the online linux workstation
-
Look for your SD card device name (
<device_name>) in the output of thelsblkcommand. It will typically be listed as/dev/sdXor/dev/mmcblk<num>, where X is a letter (e.g.,/dev/sdb,/dev/sdc). You can identify it by its size or by checking if it has a partition (like/dev/sdX1)- Mount the device using:
sudo mount /dev/<your_device> /media
- Mount the device using:
-
Copy the updated repository locally and change into it:
$ cp -r /media/vaults ~/ $ cd ~/vaults -
Stage, sign, commit and push changes to the ceremonies repository:
$ git add <namespace>/ceremonies/<date>/payloads/* $ git commit -S -m "add payload signature for payload_<num>.json" $ git push origin main -
Tamper proof the AirgapOS and Air-gapped laptop
-
Insert object(s) into plastic sealing bag
-
Fill bag with enough plastic beads that most of the object is surrounded
-
Use vacuum sealer to remove air from the bag until the beads are no longer able to move
-
Take photographs of both sides of the sealed object using both the digital and polaroid camera
-
Date and sign the polaroid photographs and store them in a local lock box
-
Take the SD card to an online connected device, ensuring continued dual custody, and commit the tamper evidence photographs to a repository. If two individuals are present, have one create a PR with a signed commit, and the other do a signed merge commit.